Log of /retired/CVE-2006-0095

---

Revision 548 - (view) (download) (annotate) - [select for diffs]
Modified Thu Aug 17 00:24:25 2006 UTC (6 years, 9 months ago) by dannf
File length: 797 byte(s)
Copied from: patch-tracking/CVE-2006-0095 revision 520
Diff to previous 532

move retired to the top level hierarchy so people can easily checkout just the active issues

---

Revision 532 - (view) (download) (annotate) - [select for diffs]
Modified Mon Aug 14 02:24:50 2006 UTC (6 years, 9 months ago) by dannf
Original Path: patch-tracking/retired/CVE-2006-0095
File length: 797 byte(s)
Copied from: patch-tracking/CVE-2006-0095 revision 520
Diff to previous 505

retire issues that:
 1) sarge is no longer vulnerable to
 2) upstream >= 2.6.17.x has a fix
 3) have no ubuntu kernels listed

these issues could still use some polishing - listing of patch names used,
fixed versions marked, etc - but they no longer need to be tracked

---

Revision 505 - (view) (download) (annotate) - [select for diffs]
Modified Sat Jul 15 15:47:34 2006 UTC (6 years, 10 months ago) by dannf
Original Path: patch-tracking/CVE-2006-0095
File length: 812 byte(s)
Diff to previous 497

start tracking security issues in linux-2.6.16

---

Revision 497 - (view) (download) (annotate) - [select for diffs]
Modified Fri Jul 7 09:58:33 2006 UTC (6 years, 10 months ago) by jmm-guest
Original Path: patch-tracking/CVE-2006-0095
File length: 797 byte(s)
Diff to previous 392

record various upstream and linux-2.6 fixes

---

Revision 392 - (view) (download) (annotate) - [select for diffs]
Modified Sun Mar 19 19:24:03 2006 UTC (7 years, 2 months ago) by dannf
Original Path: patch-tracking/CVE-2006-0095
File length: 769 byte(s)
Diff to previous 341

mark sarge2 issues as released... a bit prematurely

---

Revision 341 - (view) (download) (annotate) - [select for diffs]
Modified Wed Jan 18 09:23:46 2006 UTC (7 years, 4 months ago) by jmm-guest
Original Path: patch-tracking/CVE-2006-0095
File length: 768 byte(s)
Diff to previous 286

new issue
add some credits to add them to the DSA text

---

Revision 286 - (view) (download) (annotate) - [select for diffs]
Modified Wed Jan 11 21:38:27 2006 UTC (7 years, 4 months ago) by dannf
Original Path: patch-tracking/CVE-2006-0095
File length: 735 byte(s)
Diff to previous 256

drop generic 2.6.8 - just track 2.6.8-sarge-security.
Move all of the issues that were fixed in <= 2.6.8-16 to the
2.6.8-sarge-security bucket so we don't lose that info.

---

Revision 256 - (view) (download) (annotate) - [select for diffs]
Modified Fri Jan 6 23:20:03 2006 UTC (7 years, 4 months ago) by jmm-guest
Original Path: patch-tracking/CVE-2006-0095
File length: 788 byte(s)
Copied from: patch-tracking/dm-crypt-zero-key.dpatch revision 254
Diff to previous 241

dm_crypt leak CVEfied

---

Revision 241 - (view) (download) (annotate) - [select for diffs]
Modified Thu Jan 5 10:19:42 2006 UTC (7 years, 4 months ago) by jmm-guest
Original Path: patch-tracking/dm-crypt-zero-key.dpatch
File length: 781 byte(s)
Diff to previous 231

this should be the other way 'round

---

Revision 231 - (view) (download) (annotate) - [select for diffs]
Added Thu Jan 5 03:19:55 2006 UTC (7 years, 4 months ago) by horms
Original Path: patch-tracking/dm-crypt-zero-key.dpatch
File length: 781 byte(s)

dm-crypt does not clear struct crypt_config before freeing it. Thus,
information on the key could leak f.e. to a swsusp image even after the
encrypted device has been removed. The attached patch against 2.6.14 / 2.6.15
fixes it.